ia64/xen-unstable

changeset 18329:ca7dd77d5365

Fix restore crash with certain guest memory sizes

This fixes a crash when restoring guests with certain memory sizes (e.g.
223MB). The ROUNDUP in the call to memcpy was the main offender, but
I didn't care for the in-place resizing of the p2m entries either.

Signed-off-by: Bruce Rogers <brogers@novell.com>
author Keir Fraser <keir.fraser@citrix.com>
date Thu Aug 14 10:18:08 2008 +0100 (2008-08-14)
parents b1e5a0def648
children d3947223dfae
files tools/libxc/xc_domain_restore.c
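--- a/tools/libxc/xc_domain_restore.c	Thu Aug 14 10:14:32 2008 +0100
+++ b/tools/libxc/xc_domain_restore.c	Thu Aug 14 10:18:08 2008 +0100
@@ -372,7 +372,7 @@ int xc_domain_restore(int xc_handle, int
     }
 
     /* We want zeroed memory so use calloc rather than malloc. */
-    p2m        = calloc(p2m_size, MAX(guest_width, sizeof (xen_pfn_t))); 
+    p2m        = calloc(p2m_size, sizeof(xen_pfn_t));
     pfn_type   = calloc(p2m_size, sizeof(unsigned long));
 
     region_mfn = xg_memalign(PAGE_SIZE, ROUNDUP(
@@ -1178,16 +1178,16 @@ int xc_domain_restore(int xc_handle, int
     }
 
     /* If the domain we're restoring has a different word size to ours,
-     * we need to repack the p2m appropriately */
+     * we need to adjust the live_p2m assignment appropriately */
     if ( guest_width > sizeof (xen_pfn_t) )
         for ( i = p2m_size - 1; i >= 0; i-- )
-            ((uint64_t *)p2m)[i] = p2m[i];
+            ((uint64_t *)live_p2m)[i] = p2m[i];
     else if ( guest_width < sizeof (xen_pfn_t) )
         for ( i = 0; i < p2m_size; i++ )   
-            ((uint32_t *)p2m)[i] = p2m[i];
-
-    memcpy(live_p2m, p2m, ROUNDUP(p2m_size * guest_width, PAGE_SHIFT));
-    munmap(live_p2m, ROUNDUP(p2m_size * guest_width, PAGE_SHIFT));
+            ((uint32_t *)live_p2m)[i] = p2m[i];
+    else
+        memcpy(live_p2m, p2m, p2m_size * sizeof(xen_pfn_t));
+    munmap(live_p2m, P2M_FL_ENTRIES * PAGE_SIZE);
 
     DPRINTF("Domain ready to be built.\n");
     rc = 0;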
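Review bot: The descending loop in the `guest_width > sizeof (xen_pfn_t)` branch of the second hunk is a leftover from the in-place widening this commit removes, and its `i >= 0` condition only terminates if `i` is a signed type, which is declared outside the hunk. Now that the destination is `live_p2m` and the source is the separate `p2m` array, the copy order no longer matters, so `for ( i = 0; i < p2m_size; i++ )` would match the narrowing branch and remove the dependence on signedness. In the `guest_width < sizeof (xen_pfn_t)` branch the store to `((uint32_t *)live_p2m)[i]` truncates silently; a short comment stating that frame numbers are expected to fit in 32 bits there, or a range check before the store, would make that assumption explicit. xc_domain_restore starts and ends outside both hunks.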